issues
search
ruohong2018
/
ruohong2018.github.io
GNU General Public License v3.0
29
stars
3
forks
source link
[每日信息流] 2024-08-30
#566
Open
ruohong2018
opened
3 weeks ago
ruohong2018
commented
3 weeks ago
每日安全资讯(2024-08-30)
Trustwave Blog
Incident Response Testing: An Australian Perspective
Recent Commits to cve:main
Update Thu Aug 29 22:37:56 UTC 2024
Update Thu Aug 29 14:41:49 UTC 2024
Update Thu Aug 29 06:30:25 UTC 2024
Security Boulevard
Who Owns Implementation of California’s New Workplace Violence Prevention Law?
USENIX Security ’23 – RøB: Ransomware over Modern Web Browsers
Shining a Light on Shadow AI: What It Is and How to Find It
TrustCloud Product Updates: August 2024
Daniel Stori’s ‘Linux Top Explained’
The Role of AI in Enhancing Patient Experience in HealthTech
The AppViewX Experience: A Journey to Seamless Solution Onboarding
Manufacturing Security Vulnerabilities: Combating the Risks
Elevating your secrets security hygiene: H1 roundup of our product innovations
SecWiki News
SecWiki News 2024-08-29 Review
Sucuri Blog
12 Best Practices to Secure Your WordPress Login Page
ElcomSoft blog
Instant Password Removal for Quicken 2024
Files ≈ Packet Storm
pgAdmin 8.4 Remote Code Execution
WordPress GiveWP Donation / Fundraising Platform 3.14.1 Code Execution
vTiger CRM 7.4.0 Cross Site Scripting
vTiger CRM 7.4.0 Open Redirection
Wireshark Analyzer 4.4.0
Faraday 5.6.1
Microsoft Windows IPv6 CVE-2024-38063 Checker / Denial Of Service
Gitea 1.22.0 Cross Site Scripting
Notemark 0.13.0 Cross Site Scripting
Ubuntu Security Notice USN-6972-4
Online Graduate Tracer System 1.0.0 Insecure Direct Object Reference
SPIP 4.2.5 Code Execution
Red Hat Security Advisory 2024-6033-03
Red Hat Security Advisory 2024-6030-03
Red Hat Security Advisory 2024-6028-03
Red Hat Security Advisory 2024-6027-03
Red Hat Security Advisory 2024-6020-03
Red Hat Security Advisory 2024-6018-03
Red Hat Security Advisory 2024-6001-03
Online Bus Ticketing 1.0 Insecure Direct Object Reference
Online Appointment System 1.0 Insecure Settings
Multi-Vendor Online Groceries Management System 1.0 Insecure Settings
Red Hat Security Advisory 2024-6000-03
Red Hat Security Advisory 2024-5999-03
Red Hat Security Advisory 2024-5982-03
嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
一图读懂《物联网标准体系建设指南(2024版)》
PoorTry Windows 驱动程序进化为功能齐全的 EDR 擦除器
安全客-有思想的安全新媒体
新的二维码网络钓鱼活动利用 Microsoft Sway 窃取凭据
攻击者利用严重 Atlassian Confluence 漏洞进行加密劫持
BlackByte 使用勒索软件瞄准 ESXi 错误以访问虚拟资产
AVTECH 闭路电视系统中的零日漏洞将关键基础设施暴露给 Mirai 僵尸网络
美国 CISA 将 Google Chromium V8 漏洞添加到其已知利用漏洞目录中
Young Consulting 遭受了 BlackSuit 勒索软件攻击,导致超过 95 万名个人的信息被泄露
CrowdStrike 的崩溃并没有削弱其市场主导地位
Fortra 针对高风险 FileCatalyst Workflow 安全漏洞发布补丁
APT-C-60 Group 利用 WPS Office 漏洞部署 SpyGlace 后门
360渠道精英成长训练营启航,携手共筑技术交付新高地!
sign加密小程序漏洞挖掘
paper - Last paper
同道 | 2024 KCon 大会部分议题 PPT 公布
NVISO Labs
The Big TIBER Encyclopedia
Didier Stevens
Overview of Content Published in July
GuidePoint Security
Navigating Cloud Security: Q&A on the Importance of Collaboration and Innovation
梧桐雨blog
密码保护:羊城杯WEB tomtom2记录
Reverse Engineering
Air Con: $1697 for an on/off switch
PC Floppy Copy Protection: Formaster Copy-Lock
Sucuri Blog
12 Best Practices to Secure Your WordPress Login Page
Malware-Traffic-Analysis.net - Blog Entries
2024-08-29 - Phishing email and traffic to fake webmail login page
HackerNews
Google 再提高 Chrome 漏洞赏金数额,最高可达 25 万美元
“伏特台风”黑客利用 Versa 零日漏洞攻击美国服务商
PoorTry Windows 驱动程序进化为功能齐全的 EDR 擦除器
韩国黑客组织 APT-C-60 利用 WPS 0day 漏洞(CVE-2024-7262)安装 SpyGlace 后门
微软报告伊朗黑客组织 APT33 利用新型 Tickler 恶意软件攻击美国政府、国防、石油和天然气部门
BlackSuit 勒索软件窃取了软件解决方案供应商的近百万条数据
安全牛
安全玻璃盒全新力作《软件供应链安全实践指南》正式出版|中国工程院院士沈昌祥等联合力荐
Black Hills Information Security
Crafting the Perfect Prompt: Getting the Most Out of ChatGPT and Other LLMs
FreeBuf网络安全行业门户
CrowdStrike在财报电话会上详细说明719蓝屏事件后的安全改进措施
2024中国数据安全企业全景图产品征集说明
FreeBuf早报 | 45台自动售卖机中40台索取个人信息;CrowdStrike与英伟达宣布合作
韩国黑客利用 WPS Office 零日漏洞部署恶意软件
安恒信息2024半年报:营收6.98亿元,亏损2.76亿
Google 再提高 Chrome 漏洞赏金数额,最高可达25万美元
奇客Solidot–传递最新科技情报
调查显示韩国企业 AI 使用率为 30.6%
逃离乌克兰无人机的库尔斯克居民仍然面临超速罚单
韩国黑客利用 WPS Office 0day 部署恶意程序
Google AI 恢复人类图像生成
LinkedIn 从 CentOS 7 迁移到 Azure Linux
Telegram CEO 被禁止离开法国
雷神众测
突破自我|雷神众测2023年度排行公布
知道创宇404实验室
重磅更新 | 知道创宇研发技能表 V4.0 发布!
奇安信威胁情报中心
近期值得关注的IOC(2024-08-29)
安全内参
俄导弹袭击致使乌克兰关基设施瘫痪,水电网中断近12小时
月度安全态势:8月最值得关注的网络安全动态
dotNet安全矩阵
.NET 一款支持反序列化漏洞的白名单工具
2024hvv | 33套.NET系统漏洞威胁情报(08.29更新)
.NET 安全基础入门学习知识库
虎符智库
月度安全态势:8月最值得关注的网络安全动态
中国信息安全
九天之上 安全之星
发布 | 第54次《中国互联网络发展状况统计报告》发布
评论 | 让时代新风激荡网络空间
整治“饭圈”乱象,体育总局出手→
通知 | 网安标委就国家标准《网络安全技术 安全技术 网络安全 第7部分:网络虚拟化安全(征求意见稿)》征求意见(附下载)
关注 | 关于未成年人,这一重磅报告发布!
关注 | 2024年度上半年社会民生领域网络辟谣榜
腾讯安全威胁情报中心
重保战报20240829|逆序文件名RLO控制符伪装文件方式
安全牛
防范新型网络钓鱼攻击的10款热门工具/服务
多个法国政府网站遭攻击,或因Telegram CEO被捕引发报复;Uber将就天价罚款提起上诉:相信“常识会占据上风” | 牛览
数世咨询
如何选择合适你的MSPs?
安全玻璃盒全新力作《软件供应链安全实践指南》正式出版|中国工程院院士沈昌祥等联合力荐
代码卫士
谷歌单个Chrome漏洞的最高赏金超25万美元
Fortra 修复严重的 FileCatalyst Workflow硬编码密码问题
关键基础设施安全应急响应中心
WPS用户警惕!APT-C-60利用WPS Office漏洞部署SpyGlace后门
新型 Styx 窃取程序攻击用户登录密码
“伏特台风”黑客利用Versa零日漏洞攻击美国服务商
极客公园
AI 生产力工具竞速,进入产品力比拼阶段
跌去 2000 亿美元,「AI 卖铲人」英伟达怎么了?
特斯拉 Model 2,让小鹏造出来了,只要 12 万
OpenAI 敲定新融资,估值超千亿美元;英伟达盈利大涨 168%,股票跌 7%;1/4 年轻人从不接电话:没这习惯|极客早知道
网络空间安全科学学报
会议预告 | 第39次全国计算机安全学术交流会
嘶吼专业版
PoorTry Windows 驱动程序进化为功能齐全的 EDR 擦除器
一图读懂 |《物联网标准体系建设指南(2024版)》
微步在线
半夜加班,突然有人和我抢鼠标
字节跳动技术团队
硬件领域挤进新巨头!AI 图像生成公司 Midjourney 携手苹果前高管有大动作|AGI 掘金资讯
Beacon Tower Lab
【0829】重保演习每日情报汇总
山石网科安全技术研究院
2024年羊城杯粤港澳大湾区网络安全大赛WP-Web AK篇
Over Security - Cybersecurity news aggregator
Halliburton cyberattack linked to RansomHub ransomware gang
La digitalizzazione impatta banche, aziende e PA: ma rivediamo i processi partendo dall’autenticazione con le Passkey
Bypassing airport security via SQL injection
CISA’s top China specialist departs amid Volt Typhoon warnings
US agencies warn against ransomware group behind hundreds of attacks in recent months
Cambodian scam giant handled $49 billion in crypto transactions since 2021, researchers say
FBI: RansomHub ransomware breached 210 victims since February
Fake Palo Alto GlobalProtect used as lure to backdoor enterprises
What kind of summer has it been?
Windows 10 KB5041582 update released with 5 changes and fixes
Malware exploits 5-year-old zero-day to infect end-of-life IP cameras
Google says Russian group targeted Mongolian government with exploits used by NSO Group
Telegram, così l’arresto di Durov mette in crisi l’Europa digitale
Ecco perché la Francia ha colpito Telegram e non le altre piattaforme
Cyber security e budget limitati. Queste le soluzioni per le Pmi
Intelligenza e Gen AI, la convergenza di due mondi: un approccio by design e by default
California passes landmark bill requiring easier data sharing opt outs for consumers
Top ICS Vulnerabilities This Week: Addressing Flaws Within Rockwell Automation, Avtec, and MOBOTIX Products
Russian APT29 hackers use iOS, Chrome exploits created by spyware vendors
Durov’s Arrest: Cybercriminals React
#FreeDurov: Hacktivists Scramble on Telegram Supporting Pavel’s Release
Old CCTV cameras provide a fresh opportunity for a Mirai botnet variant
Irish wildlife park warns visitors to cancel bank cards after discovering cyberattack
May 2024 Cyber Attacks Statistics
Scam Sites at Scale: LLMs Fueling a GenAI Criminal Revolution
I rischi dei dispositivi IoT obsoleti e non supportati
Kursk Offensive Unveiled: Ukraine’s Strategic Planning and Cyber-Kinetic Convergence
12 Best Practices to Secure Your WordPress Login Page
Iran cyber operations exposed in reports from Google, Microsoft
When Get-Out-The-Vote Efforts Look Like Phishing
Securityinfo.it
I rischi dei dispositivi IoT obsoleti e non supportati
火绒安全
防护修复双重保障 | CVE-2024-38063远程代码执行漏洞通告
bellingcat
Indian Sites Spreading Harmful Disinformation Are Earning Money Through Google’s Ads
Tails - News
Tails report for July 2024
CNCERT国家工程研究中心
网络攻击迫使美国超级机场IT系统瘫痪、航班延误
微软Sway在大规模二维码钓鱼活动中被滥用
SANS Internet Storm Center, InfoCON: green
Live Patching DLLs with Python, (Thu, Aug 29th)
ISC Stormcast For Thursday, August 29th, 2024 https://isc.sans.edu/podcastdetail/9118, (Thu, Aug 29th)
Il Disinformatico
ANTEPRIMA Podcast RSI - L’IA ha troppa fame di energia. Come metterla a dieta
Schneier on Security
Adm. Grace Hopper’s 1982 NSA Lecture Has Been Published
TorrentFreak
Fmovies Piracy Ring Was Shut Down by Vietnam, Assisted By ACE
Google Asks Court to Gut “Kitchen Sink” Lawsuit Claiming it Profits From Piracy
Troy Hunt's Blog
The North American Have I Been Pwned Tour
Security Affairs
Cisco addressed a high-severity flaw in NX-OS software
Corona Mirai botnet spreads via AVTECH CCTV zero-day
Telegram CEO Pavel Durov charged in France for facilitating criminal activities
Iran-linked group APT33 adds new Tickler malware to its arsenal
NVISO Labs
The Big TIBER Encyclopedia
Instapaper: Unread
New QR Code Phishing Campaign Exploits Microsoft Sway to Steal Credentials
The curious case of the iPhone 11 Pro and the hacked contest
Google Now Offering Up to $250,000 for Chrome Vulnerabilities
SIM Swap e truffe bancarie cosa impariamo dalla condanna a Bper e Tim
Trattato globale Onu sulla criminalità informatica perché è importante
Graham Cluley
$2.5 million reward offered for hacker linked to notorious Angler Exploit Kit
‘Big-game hunting’ – Ransomware gangs are focusing on more lucrative attacks
Crypto scammers who hacked McDonald’s Instagram account say they stole $700,000
Information Security
Data Security Strategy Beyond Access Control: Data Encryption
Question on using password managers.
Generative AI: The Dual-Edged Sword in Cybersecurity
Computer Forensics
Decrypting signal.sqlite - did they change something?
netsecstudents: Subreddit for students studying Network Security and its related subjects
How to properly use the TPM for tamper evidence?
Technical Information Security Content & Discussion
Bypassing airport security via SQL injection
CVE-2024-38063 - Remotely Exploiting The Kernel Via IPv6
Analysis of CVE-2024-43044 — From file read to RCE in Jenkins through agents
Careful Where You Code: Multiple Vulnerabilities in AI-Powered PR-Agent
HACKMAGEDDON
May 2024 Cyber Attacks Statistics
TrustedSec
Gobbling Up Forensic Analysis Data Using Velociraptor
NetSPI
The Balancing Act of In-House vs Third-Party Penetration Testing
The Hacker News
Vietnamese Human Rights Group Targeted in Multi-Year Cyberattack by APT32
Russian Hackers Exploit Safari and Chrome Flaws in High-Profile Cyberattack
U.S. Agencies Warn of Iranian Hacking Group's Ongoing Ransomware Attacks
How AitM Phishing Attacks Bypass MFA and EDR—and How to Fight Back
Unpatched AVTECH IP Camera Flaw Exploited by Hackers for Botnet Attacks
French Authorities Charge Telegram CEO with Facilitating Criminal Activities on Platform
表图
CrowdStrike在财报电话会上详细说明719蓝屏事件后的安全改进措施
Blackhat Library: Hacking techniques and research
Can anyone here remove Yelp reviews 100% guaranteed?
吴鲁加
八年的创业笔记
Deep Web
Python kingdom cards a scam
where to find the answers to my question from dark web
Guys, please help me, my Instagram and Discord accounts were hacked, when I entered my browser, I came across the image below, what could this be? please help me, anxiety attacked me too much.
Steroids
Trend Micro Research, News and Perspectives
Threat Actors Target the Middle East Using Fake Palo Alto GlobalProtect Tool
AI Pulse: Sticker Shock, Rise of the Agents, Rogue AI
360数字安全
360携20+“终端能力者”!组建ISC终端安全生态联盟
The Register - Security
US indicts duo over alleged Swatting spree that targeted elected officials
What a coincidence. Spyware makers, Russia's Cozy Bear seem to share same exploits
Feds claim sinister sysadmin locked up thousands of Windows workstations, demanded ransom
Rock Chrome hard enough and get paid half a million
Brain Cipher claims attack on Olympic venue, promises 300 GB data leak
CrowdStrike's meltdown didn't dent its market dominance … yet
Your Open Hacker Community
Google Auth App Tokens , Via Adgate , Advertising Redirects To Google Play
Inter Server Time Change
IRC Channel
Sector 7
Pwn2Own Automotive 2024: Hacking the JuiceBox 40
每日安全资讯(2024-08-30)